Evaluate Weigh the pros and cons of technologies, products and projects you are considering.

Luck, career goals and a CISSP boot camp

A newly certified security practitioner gives us a peek into his CISSP exam preparations.

Having recently decided to attempt the CISSP® exam using the boot camp route and finding the entire experience exhausting but worthwhile, I felt I would share my experiences with the security community. Here is a glimpse of my experience and lessons learned as excerpted from the full article originally published by The Certified Security Professional Online Magazine. These excerpts only hint at what is contained in what I hope is THE definitive guide to passing the CISSP exam.

Test taking advice

The most valuable advice I can offer for taking the CISSP exam is to force yourself to take mandatory breaks. Each candidate is given six hours to complete the test. Most complete it in three to four hours, giving the average person two hours of unused time. Once again, I remind you that this is a task that most of us choose willingly as an opportunity to advance our careers. Having spent countless hours in preparation, it only stands to reason that everyone should use those two hours to their advantage. So, every time you complete 50 questions, close your exam booklets and ask to be excused to the bathroom, get coffee or simply get out of the exam room to stretch. This break helps both those students who breeze through the exam as well as those who


Obtain free CISSP training from the author of the All-in-One CISSP Exam Guide, Shon Harris

Dos and don'ts for passing the CISSP exam

Read Donald Donzal's top 10 ways to earn CPE credits from (ISC)2

struggle. If you're breezing through the exam, it prevents you from skimming the questions as opposed to reading them thoroughly simply because you are on a roll. If you are struggling, it gives you time to reflect or get a fresh start. Either way, on an exam this long, this is the single best method of time management. And let's face it, in the grand scheme of things, what are a couple more hours if it increases your chances of passing? Who cares if you're the last one in the room? Take this advice and just do it!

The exam

Be afraid. Be very afraid... Just kidding. Although I swear they front loaded the exam with those beta questions that don't count! The beta questions may cover topics you didn't cover during your studies. They got me so discouraged I thought I could never pass. But I kept telling myself that this is a marathon and not a sprint. I got up and took one of my personally scheduled breaks, went to the bathroom, splashed water on my face, cleared my head a little and went back into the testing room. I found that as the test went on, it got easier for me. But having such difficult questions in the beginning set the tone for the entire experience. So, like most who have taken the exam, I had no idea whether I had passed.

But I stuck to my plan of going through every question once, highlighting key words, answering every question on the Scantron form and marking each question with one of thee marks: 'X' indicated I knew it 100%; '?' meant that I was not 100% confident; and '*' indicated that I had no idea. You may also mark a question that relates or is similar to another question by writing the previous question number next to the similar question. This will help you cross-reference questions to increase your confidence in other answers. All the while taking my breaks, I eventually made a second pass only ignoring questions with an 'X' over the entire question. Slowly, after two to three passes, I whittled down the questions until there were very few for which I was still unsure. Having eliminated all but two answers on each unsure question, I made educated guesses.

Hopefully this piqued your interest enough to view the entire article that is basically a roadmap to passing the CISSP exam. The article also contains a 'Recommended Study Method' that can be customized to meet your needs, the thought process behind choosing the right boot camp, experiences from start to finish, pitfalls of brain dumps and much more.

CISSP® is a registered certification mark of the International Information Systems Security Certification Consortium, Inc., also known as ISC(2).

This was last published in October 2005

Dig Deeper on CISSP certification

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.